2
M.Thompson, O.Kolesnikov, Berkeley National Laboratory
Local Computing
- User sits down in front of the computer
- Responds to the login prompt with a user id and password.
- Machine has a list of all the users and their encrypted passwords
- Password never goes across the network
- Passwords are encrypted with a one-way code
- The crypt algorithm of Unix has been around since the mid 70’s. Uses a salt to keep identical passwords from having the same encryption. Uses only 8 characters, case sensitive. Uses 25 iterations of DES.
- Typically broken by guessing and verifying the guess, or by snooping the password.

3
Remote Access Computing
- User logs in to one or more remote machine(s)
- Each machine has its own copy of userid and password for each user
  - Changing a password on one machine does not affect the other machines
  - Each time a user connects to a different machine, she must log in again
- In the standard Unix login or rsh commands, the user’s password is sent in clear text over the network, or else hosts trust users on the basis of their IP addresses
- Ssh
  - encrypts the password before sending it
  - or uses a user’s key pair for establishing her identity

4
Single Domain Remote Access Computing
- User gets access to many machines in a single administrative domain.
- He has a single userid and password for all the machines
- Can log in just once to a central trusted server
- Examples
  - Kerberos freeware from MIT Project Athena
  - NIS - Sun software with remote access commands

5
Kerberos
- User-password based authentication based on late-70’s Needham-Schroeder algorithms.
- Kerberos Authentication Server, aka KDC (Key Distribution Center), shares a long-term secret (password) with each authorized user.
- User logs in and establishes a short-term session key with the AS, which can be used to establish his identity with other entities, e.g. file system, other hosts or services, each of which trusts the authority server.
- The authorization mechanism needs to be integrated with each function, e.g. file access, login, telnet, ftp, ...
- The central server is a single point of vulnerability to attack and failure.
- Been in use for 20 years. We are now at version 5.

6
NIS
- Central server has all the user ids and passwords; don’t need to store passwords locally.
- Facilitates the same user id and passwords on all machines on a network
- Then rlogin and rsh allow the user to have access to all the hosts in the hosts.equiv and .rhosts files
- No real security, depends on IP addresses
- Integrated with NFS to allow access to NFS files from any host to which they are exported.

7
Cross Domain Authentication
- Holy Grail is to allow a user to log in once and get access to a ticket that will identify him to all machines on which he is allowed to run.
- Kerberos supports cross-realm authentication, but it is politically difficult to achieve. Used for multiple AFS/DFS cells within a single institution: CMU, DOE weapons labs.
- X.509 Identity certificates. An IETF standard. Contains a multi-part unique name and a public key. The legitimate owner of the certificate has the matching private key.

14
Digital Signatures
- Combines a hash with a digital signature algorithm
- To sign
  - hash the data
  - encrypt the hash with the sender's private key
  - send the data, the signer’s name and the signature
- To verify
  - hash the data
  - find the sender’s public key
  - decrypt the signature with the sender's public key
  - the result of which should match the hash
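The sign and verify steps on this slide, as an added example that is not part of the original slides: textbook RSA applied to a SHA-256 hash, using only the Python standard library. The key (built from two Mersenne primes), the `PUBLIC_KEYS` directory and the signer name `alice` are constructed for illustration; there is no padding, so this shows the flow only and is not a usable signature scheme.

```python
import hashlib

# Toy RSA key from two known Mersenne primes (constructed for this example).
# Real keys use random secret primes and a padding scheme such as RSA-PSS.
P, Q = 2**127 - 1, 2**521 - 1
N = P * Q                              # 648-bit public modulus
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)

# Hypothetical directory used for the "find the sender's public key" step.
PUBLIC_KEYS = {"alice": (N, E)}


def digest(data: bytes) -> int:
    """Hash the data; a 256-bit SHA-256 value always fits below N."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(data: bytes, signer: str, d: int = D, n: int = N) -> dict:
    """Hash the data, transform the hash with the private key, and bundle
    data + signer's name + signature, as the slide lists."""
    return {"data": data, "signer": signer,
            "signature": pow(digest(data), d, n)}


def verify(msg: dict) -> bool:
    """Hash the data, look up the signer's public key, undo the private-key
    operation on the signature, and compare the result with the hash."""
    key = PUBLIC_KEYS.get(msg["signer"])
    if key is None:
        return False                   # unknown signer: nothing to check against
    n, e = key
    sig = msg["signature"]
    if not 0 <= sig < n:
        return False                   # out-of-range signature value
    return pow(sig, e, n) == digest(msg["data"])


if __name__ == "__main__":
    msg = sign(b"pay 10 to bob", "alice")
    print("original verifies:", verify(msg))
    print("tampered verifies:", verify(dict(msg, data=b"pay 1000 to bob")))
```
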

20
SSL Handshake
- When you type https://www.entrust.com, the browser initiates a new SSL/TLS connection.
- For the new connection, an SSL Handshake must be performed, which will:
  - Negotiate the cipher suite
  - Authenticate the server to the client [optional]
  - Use public-key algorithms to establish a shared session key
  - Authenticate the client to the server [optional]